daarion-admin/microdao-daarion
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fe0f2e23c2fcd20fe767f2a30e6051270ca2fff7
microdao-daarion/.gitignore
Apple 7b8499dd8a node2: P0 vision restore + P1 security hardening + node-specific router config 
P0 — Vision:
- swapper_config_node2.yaml: add llava-13b as vision model (vision:true)
  /vision/models now returns non-empty list; inference verified ~3.5s
- ollama.url fixed to host.docker.internal:11434 (was localhost, broken in Docker)

P1 — Security:
- Remove NODES_NODA1_SSH_PASSWORD from .env and docker-compose.node2-sofiia.yml
- SSH ED25519 key generated, authorized on NODA1, mounted as /run/secrets/noda1_ssh_key
- sofiia-console reads key via NODES_NODA1_SSH_PRIVATE_KEY env var
- secrets/noda1_id_ed25519 added to .gitignore

P1 — Router:
- services/router/router-config.node2.yml: new node2-specific config
  replaces all 172.17.0.1:11434 → host.docker.internal:11434
- docker-compose.node2-sofiia.yml: mount router-config.node2.yml (not root config)

P1 — Ports:
- router (9102), swapper (8890), sofiia-console (8002): bind to 127.0.0.1
- gateway (9300): keep 0.0.0.0 (Telegram webhook requires public access)

Artifacts:
- ops/patch_node2_P0P1_20260227.md — change log
- ops/validation_node2_P0P1_20260227.md — all checks PASS
- ops/node2.env.example — safe env template (no secrets)
- ops/security_hardening_node2.md — SSH key migration guide + firewall
- ops/node2_models_pull.sh — model pull script for P0/P1

Made-with: Cursor
2026-02-27 01:27:38 -08:00

99 lines
1.0 KiB
Plaintext
Raw Blame History

# Environment
.env
.env.*
!.env.example
# Docker volumes data
data/
qdrant-data*/
neo4j-data*/
# Logs
logs/*.log
*.log
# Secrets
.jwt_secret
*.pem
*.key
# Backups
*.backup.*
*.tgz
# Python
__pycache__/
*.pyc
*.pyo
# Node
node_modules/
# Virtual environments
venv/
.venv/
ENV/
env/
# IDE
.vscode/
.idea/
*.swp
*.swo
.DS_Store
# Temporary files
tmp/
temp_upload/
*.tmp
*.temp
.cache/
.worktrees/
*.bak_*
*.md.bak_*
*.sh.bak_*
*.py.bak_*
*.txt.bak_*
*.yml.bak_*
docs_backup_*.tar.gz
rollback_backups/
# NATS data
nats-data/
# Large model files
*.gguf
*.bin
*.safetensors
*.pt
*.pth
*.onnx
# OS specific
Thumbs.db
# Cursor credentials (local only)
.cursor/noda1-credentials.local.mdc
._*
**/._*
logs/
# Market data service artifacts
*.db
*.db-journal
*.db-shm
*.db-wal
events.jsonl
# Runtime canary artifacts
ops/status/
# SSH private keys and secrets (never commit!)
secrets/noda1_id_ed25519
secrets/*.pem
secrets/*.key
secrets/*.p12
# Allow example/placeholder files in secrets/
!secrets/*.example
!secrets/README.md
Reference in New Issue View Git Blame Copy Permalink